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Amendments to the Claims: 

This listing of claims will replace all prior versions, and listings, of claims in the 
application: 

1 . (Original) A system for the authentication by a card-issuing financial institution 
of identifying information of a card-holding user of a public data network, including: 

a secure data entry device connected to the public data network; and 

a gateway device connected to the public data network and to a private data 
network used for transmitting messages between financial institutions; 

wherein the secure data entry device includes means for the user to enter 
identifying information of a card issued by the financial institution, and means for 
transmitting the identifying information in a secure manner over the pubhc data network 
to the gateway device; and 

wherein the gateway device includes means for transmitting the identifying 
information to the card-issuing financial institution and for receiving an approval 
response fi-om the card-issuing financial institution over the private data network; 

whereby the approval response provides authentication of the identifying 
information by the card-issuing financial institution. 

2. (Original) The system of claim 1 wherein the public data network is the Intemet. 

3. (Currently amended) The system of claim 1 erf-wherein the secure data entry 
device is connected to the public data network via a personal computer. 

4. (Currently amended) The system of any one of th e pr e ceding claims claim 1 
wherein the private data network is an inter-bank network used for the transferral of 
electronic transaction data. 

5. (Original) The system of claim 4 wherein the private data network is provided via 



PHIP\518098\1 



Preliminary Amendment Attorney Docket No. 48335-227033 

U.S. National Phase of PCT/AU2004/001663 

a dedicated network operated for the sole purpose of conducting electronic financial 
transactions. 

6. (Original) The system of claim 4 wherein the private data network is a virtual 
private network operated for the purpose of conducting electronic financial transactions 
via a host public data network. 

7. (Currently amended) The system of any on e of th e pr e ceding claims claim 1 
wherein the secure data entry device fixrther includes: a card reader for reading relevant 
information stored on the user's card; and a keypad to enable the user to enter data into 
the system. 

8. (Original) The system of claim 7 wherein the card reader is able to read one or 
both of ISO 7816 'smart card' or ISO 7811 'mag stripe' type cards. 

9. (Original) The system of claim 7 wherein data entered by the user includes a 
Personal Identification Number associated with the card. 

10. (Currently amended) The system of any on e of th e preceding claims claim 1 
wherein said identifying information includes one or more of: 

the Primary Account Number associated with the card; 
the expiry date of the card; and 

the user's Personal Identification Number associated with the card. 

1 1 . (Currently amended) The system of any on e of th e pr e ceding claims claim 1 
wherein the identifying information is transmitted using a standard transaction message 
format compUant to ISO 8583. 

12. (Original) The system of claim 1 1 wherein the ISO 8583 message used is one of 
an '0200' financial presentment message, and or an '0104' authorization message. 
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13. (Currently amended) The system of any one of th e prec e ding claims claiml 
wherein the gateway device also includes means for transmitting the approval response to 
the secure data entry device. 

14. (Original) The system of claim 13 wherein the secure data entry device further 
includes means for deriving from the approval response verifiable proof that the 
customer's identifying information has been authenticated by the card-issuing financial 
institution. 

15. (Original) The system of claim 14 wherein said proof is an authentication data 
block, consisting of data computed in a secure manner from the approval sent from the 
card-issuing bank. 

16. (Original) The system of claim 15 wherein the data block is a whole or truncated 
encryption of the approval message derived using an encryption key stored securely 
within the secure data entry device. 

17. (Currently amended) The system of any on e of th e pr e c e ding claims claim 1 
wherein the gateway device further includes means to generate a replacement card 
number upon receipt of the approval response from the card-issuing institution. 

18. (Original) The system of claim 17 wherein the replacement card number is 
transmitted to the secure data entry device over the public data network. 

19. (Currently amended) The system of claim 17 er-4* wherein the replacement card 
number is generated dynamically for use in a single transaction. 

20. (Currently amended) The system of claim 1 7 e^4* wherein the replacement card 
number is maintained and used for multiple transactions. 



PHIP\518098\1 



Preliminary Amendment Attorney Docket No. 48335-227033 

U.S. National Phase of PCT/AU2004/001663 



2 1 . (Currently amended) The system of any one of claimo 17 to 20 claim 17 wherein 
supplementary details of a transaction are also be transmitted to the gateway device by 
the secure data entry device, and wherein said supplementary details include one or more 
of the transaction amount and a merchant identification. 

22. (Original) The system of claim 21 wherein said supplementary details are 
transmitted to the gateway device in the transaction message carrying the identifying 
information. 

23. (Currently amended) The system of any on e of claims 17 to 22 claim 17 wherein 
the Bank Identification Number of the replacement card number may be selected such 
that the payment transaction is routed through the gateway device on the private data 
network before being sent to the card-issuing financial institution. 

24. (Currently amended) The system of any on e of claims 17 to 22 claim 17 wherein 
the Bank Identification Number of the replacement card number may be selected such 
that the payment transaction is directed over the private data network to the gateway 
device by identifying the gateway device as a card-issuing institution of the replacement 
card number. 

25. (Currently amended) The system of any one of claims 17 to 24 claim 17 wherein 
the gateway device further includes: 

means for receiving payment transaction messages firom the private data network; 
means for modifying received payment transaction messages; and 

means for transmitting said modified payment transaction messages to the card- 
issuing financial institution; 

whereby the gateway device is able to substitute actual card numbers for 
replacement card numbers before transmitting received payment transaction messages to 
the card-issuing financial institution. 
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26. (Currently amended) The system of any on e of claims 17 to 25 claim 17 wherein 
the gateway device further includes a database of replacement card numbers including 
corresponding actual card numbers and supplementary transaction details. 

27. (Original) A method for the authentication by a card-issuing financial institution 
of identifying information of a card-holding user of a public data network, including the 
steps of: 

providing a secure data entry device connected to the public data network; 

providing a gateway device connected to the public data network and to a private 
data network used for transmitting messages between financial institutions; 

the user entering identifying information of a card issued by the card issuing 
financial institution into the secure data entry device; 

transmitting the identifying information in a secure manner over the public data 
network to the gateway device; 

transmitting the identifying information to the card-issuing financial institution; 

and 

receiving an approval response fi-om the card-issuing financial institution over the 
private data network; 

whereby the approval response provides authentication of the identifying 
information by the card-issuing financial institution. 
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28. (Original) A process for the authentication, by a card-issuing financial institution, 
of identifying information of a card-holding user of a public data network, the process 
including the following steps: 

providing a secure data entry device connected to the public data network; and 

providing a gateway device connected to the public data network and to a private 
data network used for transmitting messages between financial institutions; 

transmitting the identifying information in a secure manner over the pubKc data 
network to the gateway device; 

transmitting the identifying information to the card-issuing financial institution; 

and 

receiving an approval response from the card-issuing financial institution over the 
private data network; 

whereby the approval response provides authentication of the identifying 
information by the card- issuing financial institution. 
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